Show TOC Start of Content Area

Procedure documentation Setting an Authentication Level  Locate the document in its SAP Library structure

Use

You can set an authentication level which the Web service requires from the Web service client during communication. The authentication level verifies the identity of the Web service client before allowing access to the resources provided by the Web service.

By using the @AuthenticationDT annotation, you can set any of the authentication levels listed below. Each of them implies the usage of a specific authentication method by the Web service client, such as a user name and a password.

      NONE

The Web service requires no authentication from the Web service client. By default, all Web services you create have authentication level NONE.

      BASIC

The Web service requires the client to use a user name and password.

      STRONG

The communication between the Web service and Web service client involves the use of certificates.

You set the authentication method for the Web service client when you configure the Web service client in the SAP NetWeaver Administrator.

When you configure a Web service client, you can set an authentication method which corresponds to the authentication level of the Web service, or to a higher authentication level. For example, if the Web service has a STRONG authentication level, you cannot set just a user name and a password for the Web service client.

When you configure the Web service at runtime in the SAP NetWeaver Administrator, you can change the authentication level of the Web service to a higher one. For example, if the Web service was configured with BASIC authentication level in the SAP NetWeaver Developer Studio, you change the level only to STRONG. Note that in this case, you cannot decrease the authentication level to NONE.

More information about configuring Web services and Web service clients: Configuring Web Services and Web Service Clients in the SAP NetWeaver Administrator.

Procedure

The code sample below shows the usage of the class level annotation @AuthenticationDT to set BASIC authentication level.

Syntax

package com.sap.example;

 

import javax.ejb.Stateless;

import javax.jws.WebMethod;

import javax.jws.WebParam;

import javax.jws.WebService;

import com.sap.engine.services.webservices.espbase.configuration.ann.dt.AuthenticationDT;

import com.sap.engine.services.webservices.espbase.configuration.ann.dt.AuthenticationEnumsAuthenticationLevel;

 

@WebService(name="MyStatefulImplementationClass", serviceName="MyStatefulImplementationClassService", targetNamespace="http://sap.com/example/", portName="MyStatefulImplementationClassPort")

@Stateless

//Set BASIC authentication level for the whole class

@AuthenticationDT(authenticationLevel=AuthenticationEnumsAuthenticationLevel.BASIC)

public class MyStatefulImplementationClass {

      @WebMethod(operationName="MyMethod1", exclude=false)

      public void MyMethod1 (@WebParam(name="newValue1")

      int newValue1)

      {

         //MyMethod1 implementation

      }

      @WebMethod(exclude=false, operationName="MyMethod2")

      public int MyMethod2 (@WebParam(name="arg")

      int arg)

      {

         return arg;

      }

}

If you want to set a STRONG authentication level, you use the annotation with the following value of the authenticationLevel attribute:

@AuthenticationDT(authenticationLevel=AuthenticationEnumsAuthenticationLevel.STRONG)

End of Content Area